feat: Add cloudfront (#1)
qbart authored Apr 26, 2024
1 parent 9282bfa commit e690989
Showing 28 changed files with 597 additions and 122 deletions.
@@ -1,12 +1,12 @@
name: Generate terraform docs
name: Terraform Docs
on:
- pull_request

jobs:
docs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.ref }}
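Review bot: the `ref: ${{ github.event.pull_request.head.ref }}` checkout in the `docs` job only resolves for branches that live in this repository, so on a `pull_request` from a fork the step looks up a branch name that does not exist here and fails. Either set `repository:` to the head repository as well or skip the job for forked pull requests. If the job later pushes generated docs back to that ref, keep it limited to same-repository branches.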

19 changes: 13 additions & 6 deletions .github/workflows/tflint.yml
Expand Up @@ -7,19 +7,20 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
name: Checkout source code

- uses: actions/cache@v3
- uses: actions/cache@v4
name: Cache plugin dir
with:
path: ~/.tflint.d/plugins
key: tflint-${{ hashFiles('.tflint.hcl') }}

- uses: terraform-linters/setup-tflint@v3
- uses: terraform-linters/setup-tflint@v4
name: Setup TFLint
with:
tflint_version: v0.45.0
tflint_version: v0.50.3
tflint_wrapper: true

- name: Show version
run: tflint --version
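Review bot: `terraform-linters/setup-tflint@v4`, `actions/cache@v4` and `actions/checkout@v4` in the steps list are referenced by mutable major-version tags, while `tflint_version` is pinned exactly to `v0.50.3`. Pin the actions to full commit SHAs (keeping the tag in a trailing comment) so the code that runs in CI is as fixed as the linter version it installs. The cache key hashes `.tflint.hcl`, so the ruleset bump in this commit will correctly invalidate the plugin cache.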
Expand All @@ -32,5 +33,11 @@ jobs:

- name: Run TFLint
run: |
tflint -f compact .
tflint -f compact modules/rename_me
tflint -f compact --chdir .
tflint -f compact --chdir modules/cloudfront-app
tflint -f compact --chdir modules/cloudfront-deployment-policy
tflint -f compact --chdir modules/cloudfront-s3-origin-bucket-policy
- run: echo ${{ steps.tflint.outputs.stdout }}
- run: echo ${{ steps.tflint.outputs.stderr }}
- run: echo ${{ steps.tflint.outputs.exitcode }}
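Review bot: the three added `echo ${{ steps.tflint.outputs.* }}` steps at the end of the job have the expression expanded into the script text before the shell runs, so quotes, backticks or `$(...)` in the linter output are interpreted by the shell instead of printed. Pass each value through `env:` on the step and print the quoted variable instead. The `Run TFLint` step shown here has no `id: tflint`, so unless it is set outside this hunk these outputs will be empty; with four `tflint` invocations in one `run:` block it is also worth checking which invocation the wrapper outputs reflect. The new steps have no `name:`, unlike the rest of the job.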
4 changes: 2 additions & 2 deletions .tflint.hcl
@@ -1,11 +1,11 @@
plugin "terraform" {
enabled = true
version = "0.2.2"
version = "0.6.0"
source = "github.com/terraform-linters/tflint-ruleset-terraform"
}

plugin "aws" {
enabled = true
version = "0.21.2"
version = "0.30.0"
source = "github.com/terraform-linters/tflint-ruleset-aws"
}
5 changes: 3 additions & 2 deletions README.md
@@ -1,6 +1,7 @@
# Terraform RENAME_ME module
# Terraform AWS modules

TODO
This repository contains Terraform modules for AWS.
Rather than using the modules it's better to copy the code and adjust it to your needs.

<!-- BEGIN_TF_DOCS -->
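Review bot: the new README sentence advising readers to copy the code rather than use the modules gives no pointer to what the repository contains. List the three modules under `modules/` and the `examples/cloudfront-app` example, and state that copied code will not pick up later fixes made here so readers know to track the commit they copied from.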

44 changes: 44 additions & 0 deletions examples/cloudfront-app/.terraform.lock.hcl

Some generated files are not rendered by default.

32 changes: 32 additions & 0 deletions examples/cloudfront-app/README.md
@@ -0,0 +1,32 @@
<!-- BEGIN_TF_DOCS -->
## Requirements

| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.0 |
| <a name="requirement_random"></a> [random](#requirement\_random) | ~> 3.0 |

## Providers

| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.47.0 |
| <a name="provider_random"></a> [random](#provider\_random) | 3.6.1 |

## Modules

| Name | Source | Version |
|------|--------|---------|
| <a name="module_cloudfront_app"></a> [cloudfront\_app](#module\_cloudfront\_app) | ../../modules/cloudfront-app | n/a |
| <a name="module_cloudfront_bucket_policy"></a> [cloudfront\_bucket\_policy](#module\_cloudfront\_bucket\_policy) | ../../modules/cloudfront-s3-origin-bucket-policy | n/a |
| <a name="module_cloudfront_deployment_policy"></a> [cloudfront\_deployment\_policy](#module\_cloudfront\_deployment\_policy) | ../../modules/cloudfront-deployment-policy | n/a |

## Resources

| Name | Type |
|------|------|
| [aws_s3_bucket.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
| [aws_s3_bucket_public_access_block.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource |
| [random_id.example](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
<!-- END_TF_DOCS -->
46 changes: 46 additions & 0 deletions examples/cloudfront-app/main.tf
@@ -0,0 +1,46 @@
resource "random_id" "example" {
byte_length = 4
prefix = "tf-example-"
}

resource "aws_s3_bucket" "this" {
bucket = "apps-${random_id.example.hex}"
}

resource "aws_s3_bucket_public_access_block" "this" {
bucket = aws_s3_bucket.this.id

block_public_acls = true
block_public_policy = true
ignore_public_acls = true
restrict_public_buckets = true
}

module "cloudfront_app" {
source = "../../modules/cloudfront-app"

context = {
namespace = "example"
stage = "dev"
name = "app"
}
app_id = "example"
s3_bucket = aws_s3_bucket.this.bucket
aliases = []
certificate_arn = ""
}

module "cloudfront_deployment_policy" {
source = "../../modules/cloudfront-deployment-policy"

s3_bucket_arn = aws_s3_bucket.this.arn
cloudfront_arns = [module.cloudfront_app.arn]
s3_origin_arns = [module.cloudfront_app.s3_origin_arn]
}

module "cloudfront_bucket_policy" {
source = "../../modules/cloudfront-s3-origin-bucket-policy"

s3_bucket = aws_s3_bucket.this.bucket
cloudfront_arns = [module.cloudfront_app.arn]
}
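Review bot: `certificate_arn = ""` together with `aliases = []` in the `cloudfront_app` module block relies on the module treating an empty string as "no certificate", while the module README lists `certificate_arn` as a required ACM certificate ARN with no default. Make that contract explicit: give the variable a `null` default or document the empty-string behaviour in its description, and add a comment in the example saying it runs without a custom domain. The `aws_s3_bucket_public_access_block` with all four flags set is the right baseline for a bucket that is only read through the distribution.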
Expand Up @@ -4,7 +4,12 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 4.0"
version = "~> 5.0"
}

random = {
source = "hashicorp/random"
version = "~> 3.0"
}
}
}
28 changes: 0 additions & 28 deletions examples/rename_me/README.md

This file was deleted.

21 changes: 0 additions & 21 deletions examples/rename_me/main.tf

This file was deleted.

51 changes: 51 additions & 0 deletions modules/cloudfront-app/README.md
@@ -0,0 +1,51 @@
<!-- BEGIN_TF_DOCS -->
## Requirements

| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.0 |
| <a name="requirement_random"></a> [random](#requirement\_random) | ~> 3.0 |

## Providers

| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 5.0 |
| <a name="provider_random"></a> [random](#provider\_random) | ~> 3.0 |

## Resources

| Name | Type |
|------|------|
| [aws_cloudfront_distribution.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution) | resource |
| [aws_cloudfront_origin_access_control.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_origin_access_control) | resource |
| [random_id.prefix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
| [aws_s3_bucket.apps](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/s3_bucket) | data source |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_aliases"></a> [aliases](#input\_aliases) | List of CNAMEs | `list(string)` | n/a | yes |
| <a name="input_app_id"></a> [app\_id](#input\_app\_id) | Application ID and S3 folder | `string` | n/a | yes |
| <a name="input_apps_folder"></a> [apps\_folder](#input\_apps\_folder) | Folder where apps are stored, must end with /. | `string` | `"apps/"` | no |
| <a name="input_certificate_arn"></a> [certificate\_arn](#input\_certificate\_arn) | AWS ACM certificate ARN. | `string` | n/a | yes |
| <a name="input_certificate_minimum_protocol_version"></a> [certificate\_minimum\_protocol\_version](#input\_certificate\_minimum\_protocol\_version) | The minimum version of the SSL protocol that you want to use for HTTPS. | `string` | `"TLSv1.2_2019"` | no |
| <a name="input_context"></a> [context](#input\_context) | Project context. | <pre>object({<br> namespace = string<br> stage = string<br> name = string<br> })</pre> | n/a | yes |
| <a name="input_custom_error_responses"></a> [custom\_error\_responses](#input\_custom\_error\_responses) | List of custom error responses for distribution. | <pre>list(object({<br> error_code = number<br> error_caching_min_ttl = number<br> response_code = number<br> response_page_path = string<br> }))</pre> | `[]` | no |
| <a name="input_default_root_object"></a> [default\_root\_object](#input\_default\_root\_object) | The object that you want CDN to return when an user requests the root URL. | `string` | `"index.html"` | no |
| <a name="input_price_class"></a> [price\_class](#input\_price\_class) | Cloudfront distribution's price class. | `string` | `"PriceClass_100"` | no |
| <a name="input_s3_bucket"></a> [s3\_bucket](#input\_s3\_bucket) | S3 bucket for Cloudfront origin. | `string` | n/a | yes |
| <a name="input_tags"></a> [tags](#input\_tags) | Tags attached to Cloudfront distribution. | `map(string)` | `{}` | no |

## Outputs

| Name | Description |
|------|-------------|
| <a name="output_arn"></a> [arn](#output\_arn) | CDN distribution ARN. |
| <a name="output_domain_name"></a> [domain\_name](#output\_domain\_name) | CDN distribution's domain name. |
| <a name="output_hosted_zone_id"></a> [hosted\_zone\_id](#output\_hosted\_zone\_id) | CDN Route 53 zone ID. |
| <a name="output_id"></a> [id](#output\_id) | CDN distribution ID. |
| <a name="output_s3_origin_arn"></a> [s3\_origin\_arn](#output\_s3\_origin\_arn) | S3 Origin ARN with origin path |
<!-- END_TF_DOCS -->
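Review bot: the `certificate_minimum_protocol_version` input in the Inputs table defaults to `TLSv1.2_2019`; CloudFront also offers the newer `TLSv1.2_2021` security policy, which is the better default for a new module. Change it in the module's variable definition and regenerate this table rather than editing the generated README. Minor: "an user" in the `default_root_object` description should be "a user", and the input and output descriptions are inconsistent about trailing periods.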